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DETAILED ACTION 

1. Claims 1-21 have been examined. 

Claim Rejections - 35 USC §112 



2. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

3. Regarding claims 1,4-5,7-9,13 the phrase "configured to" renders the claim 
indefinite because it is unclear whether the limitation(s) following the phrase "configured 
to" is actually performed. See MPEP 2173.05(d) 

Claim Rejections -35 USC § 103 

4. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

5. Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Buer(US Pub no 20040128553) in view of Krishna et al (hereinafter referred as Krishna) 
WO 01/05086 A2 . 

6. As per claim 1: Buer discloses a network interface system for interfacing a host 
system with a network to provide outgoing data from the host system to the network and 
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to provide incoming data from the network to the host system, the network interface 
system comprising: 

a bus interface system operable coupled with a host bus in the host system, 
the bus interface system being adapted to transfer data between the network interface 
system and the host system(See 0010 and Fig 1 steps 100,104); 

a media access control system operable coupled with the network, the media 
access control system being adapted to transfer data between the network interface 
system and the network(See Fig 1 steps 112, and 0034, claim 28); a security system 
adapted to selectively encrypt outgoing data and to selectively decrypt incoming data 
from the network(See Fig 1 steps 122A,122D and 0034-0035,); and 

a memory system, comprising first and second memories, the first memory 
being coupled with the media access control system and the security system and 
storing data from the network prior to security processing, the second memory being 
coupled to the security system and the bus interface system and storing data processed 
by the security system prior to transfer to the host system(See 0042,0060,0095); 

wherein the security system comprises an input control system that controls 
data flow from the first memory into the security processing system, a core module that 
performs security processing on data received from the input control system, and an 
output control system that controls data flow from the security system to the second 
memory system(See 0032,0057); 

However Buer does not explicitly disclose wherein the security system is 
configured to allow out-of-order writing of packet data to the output control system and 
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the output control system assembles the out-of-order data in correct order within the 
second memory. 

Krishna teaches wherein the security system is configured to allow 
out-of-order writing of packet data to the output control system and the output control 
system assembles the out-of-order data in correct order within the second memory (See 
page 3 lines 23-33, col 8 lines 20-29). 

Therefore it would have been obvious to a person having ordinary skill in the 
art at the time the invention was made to modify the method disclosed by Buer to 
include the security system is configured to allow out-of-order writing of packet data to 
the output control system and the output control system assembles the out-of-order 
data in correct order within the second memory. This modification would have been 
motivated to do so, as suggested by (Krishna page 3 lines 26-27), inorder to provides a 
method for accelerating cryptography processing of data packets. 

7. As per claim 2: the combination of Buer and Krishna disclose wherein the bus 
interface system, the media access control system, the memory system, and the 
security system are included within a single integrated circuit. (See Buer 0148) 

8. As per claim 3: the combination of Buer and Krishna disclose wherein the input 
control system writes control words or status words associated with packets to be 
processed directly to the output control system, bypassing the core module (See 
Krishna col 2 lines 10-16). 
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9. As per claim 4: the combination of Buer and Krishna disclose the network 
interface system wherein the output control system is configured to receive one or more 
status words for a packet prior to its payload (See Krishna col 9 lines 8-30). 

10. As per claim 5: the combination of Buer and Krishna disclose the network 
interface system wherein the output control system is configured to receive control 
words for a packet while still waiting for part of a preceding packet (See Krishna col 9 
lines 8-30). 

11. As per claim 6: the combination of Buer and Krishna disclose the network 
interface system wherein the part of the preceding packet comprises processed payload 
data within the core module (See Krishna col 9 lines 8-30). 

12. As per claim 7: the combination of Buer and Krishna disclose the network 
interface system wherein the output control system is configured to receive one or more 
status words for a packet after receiving part of a subsequent packet (See Krishna col 9 
lines 23-28). 

13. As per claim 8: the combination of Buer and Krishna disclose the network 
interface system wherein the control module is configured to write decrypted data for a 
current packet prior to the second memory to writing a status word for a preceding 
packet thereto (See Buer Fig 8 steps 808, 810 and 0016-0017). 

14. As per claim 9: the combination of Buer and Krishna disclose the network 
interface system wherein the input control system is configured to selectively provide 
one copy of an initialization vector to the core module and another copy directly to the 
output control system (See Krishna col 9 lines 8-22). 
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15. As per clam 10: the combination of Buer and Krishna disclose the network 
interface system wherein: the second memory is not word-addressable (See Krishna col 
8 lines 20-29); the output control system comprises a word addressable buffer (See 
Krishna col 8 lines 20-29); and the output control system writes the contents of the word 
addressable buffer to the output buffer (See Krishna col 9 lines 10-22). 

16. As per claim 1 1 : the combination of Buer and Krishna disclose the network 
interface system wherein the core module selectively authenticates packet using the 
HMAC-MD5-96 algorithm (See Buer 0133). 

17. As per claim 12: the combination of Buer and Krishna disclose the network 
interface system wherein the core module selectively authenticates packets using the 
HMAC-SHA-1-96 algorithm (See Buer 01 33). 

13. As per claim 13: Buer discloses a network interface system for interfacing a host 
system with a network to provide outgoing data from the host system to the network and 
to provide incoming data from the network to the host system, the network interface 
system comprising: 

a bus interface system operable coupled with a host bus in the host system, the 
bus interface system being adapted to transfer data between the network interface 
system and the host system(See 0010 and Fig 1 steps 100,104); 

a media access control system operable coupled with the network, the media 
access control system being adapted to transfer data between the network interface 
system and the network(See Fig 1 steps 122A.122D and 0034-0035); 
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a security system adapted to selectively decrypt and authenticate incoming data 
from the network(See Fig 1 steps 122A,122D and 0034-0035); and 

a memory system, comprising first and second memories, the first memory being 
coupled with the media access control system and the security system and storing data 
from the network prior to security processing, the second memory being coupled to the 
security system and the bus interface system and storing data processed by the 
security system prior to transfer to the host system(See 0042,0060,0095); 

Buer does not explicitly disclose wherein the security system is configured to 
begin writing decrypted data for a subsequent packet to the second memory while 
completing authentication for a current packet. 

However Krishna discloses wherein the security system is configured to begin 
writing decrypted data for a subsequent packet to the second memory while completing 
authentication for a current packet (See page 3 lines 23-33, col 8 lines 20-29) 

Therefore it would have been obvious to a person having ordinary skill in the art at 
the time the invention was made to modify the method disclosed by Buer to include the 
security system is configured to begin writing decrypted data for a subsequent packet to 
the second memory while completing authentication for a current packet. This 
modification would have been motivated to do so, as suggested by (Krishna page 3 
lines 26-27), inorder to provides a method for accelerating cryptography processing of 
data packets. 

18. As per claim 14: the combination of Buer and Krishna disclose the network 
interface system wherein the bus interface system, the media access control system, 
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the memory system, and the security system are included within a single integrated 
circuit (See Buer 0148). 

19. As per claim 15: the combination of Buer and Krishna disclose the network 
interface system wherein the security system Contains pipelines for authentication and 
decryption that operate in parallel (See Krishna page 3 lines 23-33, col 8 lines 20-29). 

20. As per claim 16: the combination of Buer and Krishna disclose the network 
interface system of wherein the core module is operable to decrypt completely the 
subsequent packet prior to authenticating the current packet (See Krishna page 3 lines 
23-33, col 8 lines 20-29). 

21 . As per claim 1 7: the combination of Buer and Krishna disclose the network 
interface system wherein the core module authenticates the current packet using the 
HMAC-MD5-96 algorithm (See Krishna page 9 lines 1-7, col 1 1 line through col 12 line 
17). 

22. As per claim 18: the combination of Buer and Krishna disclose the network 
interface system wherein the core module authenticates the current packet using the 
HMAC-SHA-1-96 algorithm (See Krishna page 9 lines 1-7, col 11 line through col 12 
line 17). 

23. As per claim 19: the combination of Buer and Krishna disclose the network 
interface system wherein the security system comprises: an input control system; a core 
module coupled to the input control system (See Buer 0126-0130); and an output 
control system coupled to both the input control system and the core module, wherein 
the input control system is operable to receive a packet containing a control word data 
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portion, a payload data portion, and a status word data portion, forward the control word 
data portion and the status word data portion directly to the output control system, and 
forward the payload data portion to the core module for decryption and authentication 
thereof(See Buer 0016,0032,0035). 

24. As per claim 20: the combination of Buer and Krishna disclose the network 
interface system wherein the output controls system is operable to write decrypted data 
for the subsequent packet to the second memory concurrently with the core module 
completing authentication for the current packet (See Krishna page 3 lines 23-33, col 8 
lines 20-29). 

25. As per claim 21 : the combination of Buer and Krishna disclose the network 
interface system wherein the output control system is operable to transmit the control 
word data portion, the payload data portion, and the status word data portion of packets 
to the second memory such that such packet portions are ordered in a predetermined 
fashion independent of an order such portions are received by the output control system 
(See Krishna page 3 lines 23-33, col 8 lines 20-29). 

Conclusion 

26. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. See PTO 892. 

27. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Fikremariam Yalew whose telephone number is 
5712723852. The examiner can normally be reached on 9-5. 
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If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Moazzami Nasser,can be reached on 5712738300. The fax phone number 
for the organization where this application or proceeding is assigned is 571-272-4195. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 

Fikremariam Yalew Art Unit 21 36 
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